History: Jun 17, 2018 - 11:54 p.m.

Security Bulletin: IBM PowerVC - Local escalation of privilege vulnerability in DB2 for Linux (CVE-2016-5995)

www.ibm.com

EPSS: 0.001 (percentile: 17.6%)

Summary

IBM PowerVC is impacted by a local escalation of privilege vulnerability in DB2 for Linux (CVE-2016-5995).

Vulnerability Details

**CVE-ID:** CVE-2016-5995

**Description:** DB2 for Linux, Unix and Windows is vulnerable to a privilege escalation due to code being built with binaries with libraries in insecure locations. A local user could place a malicious library in a location that a SETGID or SETUID binary would execute and gain root level access.

**CVSS Base Score:** 8.40

**CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/116653 for the current score

**CVSS Environmental Score:** Undefined

**CVSS Vector:** CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products and Versions

PowerVC Standard Edition 1.2.3.0 through 1.2.3.3
PowerVC Standard Edition 1.3.0.0 through 1.3.0.2

Remediation/Fixes

For PowerVC 1.2.3, update to 1.2.3 FP3 and then apply the IT17260 interim fix from FixCentral: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FPowerVC&fixids=Security-Fix-1.2.3.3-PowerVC-RHEL-NOARCH-APAR-IT17260&source=SAR&function=fixId&parent=ibm/Other%20software

For PowerVC 1.3.0, update to 1.3.0 FP2 and then apply the IT17260 interim fix from FixCentral: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FPowerVC&fixids=Security-Fix-1.3.0.2-PowerVC-RHEL-NOARCH-APAR-IT17260&source=SAR&function=fixId&parent=ibm/Other%20software

Workarounds and Mitigations

Running the following commands will remove the vulnerability without side-effects. The user executing the commands must be root.

/home/pwrvcdb/sqllib/bin/db2chglibpath -s '\.:' -r '' /home/pwrvcdb/sqllib/adm/db2iclean
/opt/ibm/powervc/db/bin/db2chglibpath -s '\.:' -r '' /opt/ibm/powervc/db/adm/db2iclean
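
One way to verify the result of the workaround, as an added example that is not part of IBM's bulletin: the script reports non-absolute entries in the embedded library search path of each binary named on the command line. It assumes `readelf` (binutils) is installed and that the path `db2chglibpath` edits is the ELF RPATH/RUNPATH; the function names and the script name are this example's own.

```sh
#!/bin/sh
# Added example, not IBM code. Assumption: the library path edited by
# db2chglibpath is the ELF DT_RPATH/DT_RUNPATH that `readelf -d` prints.
# Usage (script name is hypothetical):
#   sh check_libpath.sh /home/pwrvcdb/sqllib/adm/db2iclean \
#                       /opt/ibm/powervc/db/adm/db2iclean

# Print each unsafe entry of a colon-separated search path, one per line.
# Unsafe here means "not absolute": ".", other relative names, $ORIGIN
# forms, and empty entries (shown as <empty>; flagged conservatively).
unsafe_entries() {
    rest=$1
    [ -n "$rest" ] || return 0      # no embedded path: nothing to flag
    rest="$rest:"                   # terminator so the last entry is seen
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            /*) ;;                  # absolute directory: acceptable
            '') printf '%s\n' '<empty>' ;;
            *)  printf '%s\n' "$entry" ;;
        esac
    done
}

# Print the RPATH and RUNPATH values of an ELF file, joined with ":".
embedded_libpath() {
    readelf -d "$1" 2>/dev/null |
        sed -n -e 's/.*(RPATH).*\[\(.*\)].*/\1/p' \
               -e 's/.*(RUNPATH).*\[\(.*\)].*/\1/p' |
        paste -sd: -
}

# Check one binary: 0 = clean, 1 = unsafe entries found, 2 = not checked.
check_binary() {
    [ -r "$1" ] && command -v readelf >/dev/null ||
        { echo "SKIP $1: unreadable or readelf missing" >&2; return 2; }
    libpath=$(embedded_libpath "$1")
    bad=$(unsafe_entries "$libpath" | paste -sd, -)
    [ -n "$bad" ] || return 0
    printf 'UNSAFE %s: [%s] -> %s\n' "$1" "$libpath" "$bad"
    return 1
}

status=0
for f in "$@"; do
    check_binary "$f" || status=1
done
[ "$status" -eq 0 ] || echo "unsafe or unchecked binaries found" >&2
```

A binary that still prints `UNSAFE` after the commands above have been run as root has not had its embedded path changed.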
